ГлавнаяУязвимости → CVE-2021-47101
7.1высокая

CVE-2021-47101

→ есть в БДУ: BDU:2024-08404 (на русском)
Описание (на английском; русское — в БДУ выше)

In the Linux kernel, the following vulnerability has been resolved: asix: fix uninit-value in asix_mdio_read() asix_read_cmd() may read less than sizeof(smsr) bytes and in this case smsr will be uninitialized. Fail log: BUG: KMSAN: uninit-value in asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline] BUG: KMSAN: uninit-value in asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline] drivers/net/usb/asix_common.c:497 BUG: KMSAN: uninit-value in asix_mdio_read+0x3c1/0xb00 drivers/net/usb/asix_common.c:497 drivers/net/usb/asix_common.c:497 asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline] asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline] drivers/net/usb/asix_common.c:497 asix_mdio_read+0x3c1/0xb00 drivers/net/usb/asix_common.c:497 drivers/net/usb/asix_common.c:497

Затрагиваемое ПО
Linux Linux kernel
CVSS
Балл7.1 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Источники
https://git.kernel.org/stable/c/8035b1a2a37a29d8c717ef84fca8fe7278bc9f03https://git.kernel.org/stable/c/d259f621c85949f30cc578cac813b82bb5169f56https://git.kernel.org/stable/c/8035b1a2a37a29d8c717ef84fca8fe7278bc9f03https://git.kernel.org/stable/c/d259f621c85949f30cc578cac813b82bb5169f56